436 matches found
CVE-2019-16752
An issue was discovered in Decentralized Anonymous Payment System DAPS through 2019-08-26. It is possible to force wallets to send HTTP requests to arbitrary locations, both on the local network and on the internet. This is a serious threat to user privacy, since it can possibly leak their IP...
CVE-2019-16753
An issue was discovered in Decentralized Anonymous Payment System DAPS through 2019-08-26. The content to be signed is composed of a representation of strings, rather than being composed of their binary representations. This is a weak signature scheme design that would allow the reuse of signatur...
AIAuditTrack: A Framework for AI Security System
The rapid expansion of AI-driven applications powered by large language models has led to a surge in AI interaction data, raising urgent challenges in security, accountability, and risk traceability. This paper presents AiAuditTrack AAT, a blockchain-based framework for AI usage traffic recording...
Project View: A New Era of Prioritized and Actionable Cloud Security
In today's cloud-first world, security teams face an overwhelming flood of alerts, fragmented visibility, and reactive workflows. The complexity of modern cloud environments—spanning multi-cloud deployments, ephemeral assets, and decentralized ownership—demands a new approach to risk management...
Enhancing the Security of Rollup Sequencers Using Decentrally Attested TEEs
The growing scalability demand of public Blockchains led to the rise of Layer-2 solutions, such as Rollups. Rollups improve transaction throughput by processing operations off-chain and posting the results on-chain. A critical component in Rollups is the Sequencer, responsible for receiving,...
An Efficient Privacy-Preserving Intrusion Detection Scheme for UAV Swarm Networks
The rapid proliferation of unmanned aerial vehicles UAVs and their applications in diverse domains, such as surveillance, disaster management, agriculture, and defense, have revolutionized modern technology. While the potential benefits of swarm-based UAV networks are growing significantly, they...
LLMs As Firmware Experts: A Runtime-Grown Tree-Of-Agents Framework
Large Language Models LLMs and their agent systems have recently demonstrated strong potential in automating code reasoning and vulnerability detection. However, when applied to large-scale firmware, their performance degrades due to the binary nature of firmware, complex dependency structures, a...
Software Supply Chain Security of Web3
Web3 applications, built on blockchain technology, manage billions of dollars in digital assets through decentralized applications dApps and smart contracts. These systems rely on complex, software supply chains that introduce significant security vulnerabilities. This paper examines the software...
Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns
Key Takeaways: 85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date. 1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure. 14 new ransomware brands launched this...
CYPRESS: Transferring Secrets in the Shadow of Visible Packets
Network steganography and covert communication channels have been studied extensively in the past. However, prior works offer minimal practical use for their proposed techniques and are limited to specific use cases and network protocols. In this paper, we show that covert channels in networking...
Penetrating the Hostile: Detecting DeFi Protocol Exploits through Cross-Contract Analysis
Decentralized finance DeFi protocols are crypto projects developed on the blockchain to manage digital assets. Attacks on DeFi have been frequent and have resulted in losses exceeding $80 billion. Current tools detect and locate possible vulnerabilities in contracts by analyzing the state changes...
AAGATE: A NIST AI RMF-Aligned Governance Platform for Agentic AI
This paper introduces the Agentic AI Governance Assurance & Trust Engine AAGATE, a Kubernetes-native control plane designed to address the unique security and governance challenges posed by autonomous, language-model-driven agents in production. Recognizing the limitations of traditional...
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset. That's according to new findings from Cisco Talos, which said recent...
ExPrESSO: Zero-Knowledge Backed Extensive Privacy Preserving Single Sign-On
User authentication is one of the most important aspects for secure communication between services and end-users over the Internet. Service providers leverage Single-Sign On SSO to make it easier for their users to authenticate themselves. However, standardized systems for SSO, such as OIDC, do n...
EUVD-2019-7289
Malware in sbrugna...
EUVD-2019-7290
Malware in sbrugna...
EUVD-2020-0088
Malware in sbrugna...
EUVD-2024-42265
Malicious code in bioql PyPI...
EUVD-2023-53098
Malicious code in bioql PyPI...
EUVD-2023-48172
Malicious code in bioql PyPI...